Long term traffic capturing using dumpcap & tshark

edit

Hi

I am using dumpcap & tshark for long term traffic capturing (I am interested in "HTTP conversation" - HTTP Request & Response).

I fork dumpcap & tshark from my code ang get the data from tshark using stdout.

It works well.

Since tshark doesn't release the memory it allocates for the "HTTP conversation" - A script restart the capturing process when the memory usage in the machine crosses a predefined level.

When the memory allocation "slope" (Delta Memory / Delta Time) is sharp I experience a phenomena where I stop getting the "HTTP conversations" from tshark for 10-30 minutes.

My question is: Is there a way I can control tshark memory allocation "policy"?

Thanks

Avishay